Creating and Configuring the Operational Database - Identity and Access Management Services - 4.0 - 4.0 - Other - external

Identity and Access Management Services

Platform
Other
Product
Identity and Access Management Services
Release
4.0
License

After completing the base configuration for the Hyland IdP server you must create and configure the operational database.

The Hyland IdP server uses a specific database schema to store operational runtime data. The database for this operational data can be a Microsoft SQL or Oracle database. The schema for the operational data can be created either in a new database or it can be added to an existing database. In OnBase environments, the OnBase database can be used to store the operational data.

Note:

It is assumed that you have already completed the base configuration for the Hyland IdP server. If you have not yet completed the base configuration, first complete the instructions under Setting Up the Hyland IdP Server.

To create and configure the operational database:

  1. On the base configuration page, click Operational DB at the upper left of the page.

    The Operational Database page is displayed.

    The Hyland IdP server uses a database schema to store operational runtime data. The database for this operational data can be a SQL or Oracle database. The schema for the operational data can be created either in a new database or in an existing database.

    Tip:

    In OnBase environments it is recommended to use the OnBase database for the operational database.

  2. Create a valid ADO.NET connection string for the operational database with the following elements. If the database does not exist, it is created during initialization.
    Tip:

    ADO.NET connection strings are a method of connecting applications to databases. Complete details on connection strings and how to create them are available from Microsoft.

    Variable name

    Value

    Data Source

    One of the following:

    • the SQL instance to create the database under

    • the CONNECT_DATA parameter for the Oracle database

    For SQL, the SQL instance must already exist.

    For Oracle, the Oracle database must already exist.

    Tip:

    In OnBase environments it is recommended to use the OnBase database for the operational database.

    database

    For SQL databases, the name of the database to use. If the database does not exist, it is created by the utility.

    For Oracle databases, this variable is not used because the database is specified in the CONNECT_DATA information used as the Data Source value. For Oracle, the Oracle database must already exist.

    Tip:

    In OnBase environments it is recommended to use the OnBase database for the operational database.

    User Id

    The user account to log in to the database with.

    Note:

    The user account must already exist for the database. It is not created by the utility.

    The database schema created for the operational data is named hsiidp.

    For SQL Server databases

    The database user account must have sufficient rights to create the hsiidp schema in an existing database. If the database does not exist, the user also needs rights sufficient to create a database in the SQL Server instance. The user needs sufficient rights to select, update, insert, delete, and view the definition of tables in the hsiidp schema that is created.

    For Oracle databases

    The database being used for operational data must already exist; it is not created by the utility for Oracle databases. You must also make sure a user named hsiidp is created before initializing the operational database, and that the hsiidp user is the User Id used to initialize the operational database. The hsiidp user needs sufficient rights to query the data dictionary, create sessions, create tables, and insert data into the default tablespace.

    Note:

    Complete documentation on configuring users for SQL and Oracle databases is available from the vendors of those products.

    Password

    The password that corresponds to the User Id account specified.

    For Oracle connections, this is the password for the hsiidp user.

    direct

    For Oracle databases, set to true if the Hyland IdP service should connect directly to the Oracle database server instead of relying on a locally installed Oracle client.

    Note:

    Only TCP connections are supported in direct mode.

    You do not need to include this variable for SQL databases.

    An example SQL connection string may look like this:

    Data Source=PROD-MACHINE\SQLInstance;database=MyDatabase; User Id=UserName;Password=UserPassword;

    An example Oracle connection string may look like this:

    Data Source=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=PROD-MACHINE)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=MyDatabase)));User Id=hsiidp;Password=UserPassword;direct=true;

  3. Enter the connection string in the Operational DB Connection String field.
  4. From the Operational DB Provider Type drop-down list, select the database provider.
    • SQLServer for SQL databases

    • Oracle for Oracle databases

  5. Click Create Operational Store. The connection string is written to the Hyland IdP configuration files. The database is populated with the hsiidp schema. For SQL databases, if the database does not exist, it is created by the utility. For Oracle, the database must already exist.

    After the task is completed, you are returned to the main initialization page.

    Note:

    The fields on the main initialization page are empty upon returning to it, which is the expected behavior.

  6. Close the browser window for the initialization page.
  7. Recycle the application pool of the Hyland IdP server for the changes to take effect.
    Note:

    After initializing the Hyland IdP server, Perceptive environments must complete the instructions under Configuring the Hyland IdP Server for Use With Perceptive. OnBase environments do not need to complete those instructions.

To access the Hyland IdP Administration client, which is used to configure the tenant, providers, and clients for use with the Hyland IdP server, see Accessing the Hyland IdP Administration Client.